TuneFactor uses your music tastes to present a 2-factor authentication challenge that only you can pass when logging in to online accounts like your bank. It takes 2-factor authentication to the next level - authenticating a user based on their behaviour, rather than a simple password or code from a text message or app.

How it works

  1. The user enters their username and password like normal.
  2. TuneFactor comes up with 4 songs for the user to rank in order of preference.
  3. It determines whether the user is genuine or not by presenting up to 3 more challenges.
  4. The real user is logged in based on their music taste.

How we compare

  Authenticator App TuneFactor
tough to hack
tough to steal
no second device required

Under the bonnet

  1. The user has to links their account with Spotify (the algorithm is easily extensible to other music sources and datasets too).
  2. Tunefactor picks four songs and tries to predict the order the user will rank them in. The user then ranks the songs.
  3. The program calculates a probability of how likely the user is to be who they say they are. This probability is determined by the user's ranking of the songs.
  4. If the probability is judged insufficient by the program, the user is asked to rank some more songs and step 3 repeats up to three more times.
  5. If the probability is high enough, the user is logged in.
  6. If the probability is too low or there have been too many attempts, the user is locked out.
Share this project: